[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 29.216502] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 32.464389] random: sshd: uninitialized urandom read (32 bytes read)
[ 32.811301] random: sshd: uninitialized urandom read (32 bytes read)
[ 33.894758] random: sshd: uninitialized urandom read (32 bytes read)
[ 54.319704] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.46' (ECDSA) to the list of known hosts.
[ 59.780525] random: sshd: uninitialized urandom read (32 bytes read)
net.ipv6.conf.syz_tun.accept_dad = 0
[ 59.898975] IPVS: ftp: loaded support on port[0] = 21
net.ipv6.conf.syz_tun.router_solicitations = 0
[ 60.044485] ip (4496) used greatest stack depth: 54552 bytes left
[ 60.149835] bridge0: port 1(bridge_slave_0) entered blocking state
[ 60.156238] bridge0: port 1(bridge_slave_0) entered disabled state
[ 60.163437] device bridge_slave_0 entered promiscuous mode
[ 60.183083] bridge0: port 2(bridge_slave_1) entered blocking state
[ 60.189504] bridge0: port 2(bridge_slave_1) entered disabled state
[ 60.196705] device bridge_slave_1 entered promiscuous mode
[ 60.215760] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 60.235534] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 60.259665] ip (4519) used greatest stack depth: 53800 bytes left
[ 60.288688] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 60.311127] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 60.395986] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 60.403253] team0: Port device team_slave_0 added
[ 60.421742] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 60.428892] team0: Port device team_slave_1 added
[ 60.448462] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 60.470114] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 60.491839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 60.513884] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
RTNETLINK answers: Operation not supported
RTNETLINK answers: No buffer space available
RTNETLINK answers: Operation not supported
[ 60.678238] bridge0: port 2(bridge_slave_1) entered blocking state
[ 60.684653] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 60.691369] bridge0: port 1(bridge_slave_0) entered blocking state
[ 60.697740] bridge0: port 1(bridge_slave_0) entered forwarding state
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
[ 61.292776] 8021q: adding VLAN 0 to HW filter on device bond0
[ 61.355661] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 61.416363] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 61.422578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 61.430391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 61.484562] 8021q: adding VLAN 0 to HW filter on device team0
executing program
[ 61.811625] ==================================================================
[ 61.819021] BUG: KMSAN: uninit-value in ip_tunnel_xmit+0x5e9/0x37c0
[ 61.825409] CPU: 0 PID: 4476 Comm: syz-executor359 Not tainted 4.17.0-rc3+ #93
[ 61.832742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 61.842074] Call Trace:
[ 61.844639] dump_stack+0x185/0x1d0
[ 61.848240] ? ip_tunnel_xmit+0x5e9/0x37c0
[ 61.852495] kmsan_report+0x142/0x240
[ 61.856272] __msan_warning_32+0x6c/0xb0
[ 61.860307] ip_tunnel_xmit+0x5e9/0x37c0
[ 61.864341] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 61.869687] ? skb_push+0x16b/0x260
[ 61.873288] ? __msan_metadata_ptr_for_store_2+0x13/0x20
[ 61.878717] ? gre_build_header+0x5ab/0xaa0
[ 61.883015] ipgre_xmit+0xdb7/0xe90
[ 61.886617] ? ipgre_close+0x230/0x230
[ 61.890481] dev_hard_start_xmit+0x5f1/0xc70
[ 61.894868] __dev_queue_xmit+0x27ee/0x3520
[ 61.899163] ? sock_alloc_send_pskb+0x13b/0x1190
[ 61.903890] ? sock_alloc_send_pskb+0xfee/0x1190
[ 61.908627] dev_queue_xmit+0x4b/0x60
[ 61.912403] ? __netdev_pick_tx+0xb60/0xb60
[ 61.916708] packet_sendmsg+0x7cc3/0x8ac0
[ 61.920833] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 61.926265] ? pagevec_lru_move_fn+0x490/0x4e0
[ 61.930822] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 61.936247] ? __walk_page_range+0x1de0/0x23d0
[ 61.940806] ? lru_cache_add_active_or_unevictable+0x497/0x5f0
[ 61.946751] ? kmsan_set_origin_inline+0x6b/0x120
[ 61.951568] ? __msan_poison_alloca+0x15c/0x1d0
[ 61.956219] ? compat_packet_setsockopt+0x360/0x360
[ 61.961209] __sys_sendto+0x6c0/0x7e0
[ 61.964990] __x64_sys_sendto+0x1a1/0x210
[ 61.969115] do_syscall_64+0x154/0x220
[ 61.972980] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 61.978142] RIP: 0033:0x441739
[ 61.981304] RSP: 002b:00007ffc236ffe78 EFLAGS: 00000216 ORIG_RAX: 000000000000002c
[ 61.988985] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441739
[ 61.996238] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[ 62.003483] RBP: 00000000006cd018 R08: 0000000020000080 R09: 000000000000001c
[ 62.010728] R10: 0000000000000000 R11: 0000000000000216 R12: 00000000004024f0
[ 62.017980] R13: 0000000000402580 R14: 0000000000000000 R15: 0000000000000000
[ 62.025228]
[ 62.026827] Uninit was created at:
[ 62.030345] kmsan_internal_poison_shadow+0xb8/0x1b0
[ 62.035429] kmsan_kmalloc+0x94/0x100
[ 62.039214] kmsan_slab_alloc+0x10/0x20
[ 62.043162] __kmalloc_node_track_caller+0xb32/0x11b0
[ 62.048326] __alloc_skb+0x2cf/0x9f0
[ 62.052013] alloc_skb_with_frags+0x1e6/0xb80
[ 62.056481] sock_alloc_send_pskb+0xb56/0x1190
[ 62.061036] packet_sendmsg+0x648d/0x8ac0
[ 62.065162] __sys_sendto+0x6c0/0x7e0
[ 62.068938] __x64_sys_sendto+0x1a1/0x210
[ 62.073058] do_syscall_64+0x154/0x220
[ 62.076925] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 62.082086] ==================================================================
[ 62.089416] Disabling lock debugging due to kernel taint
[ 62.094835] Kernel panic - not syncing: panic_on_warn set ...
[ 62.094835]
[ 62.102172] CPU: 0 PID: 4476 Comm: syz-executor359 Tainted: G B 4.17.0-rc3+ #93
[ 62.110900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 62.120233] Call Trace:
[ 62.122802] dump_stack+0x185/0x1d0
[ 62.126420] panic+0x39d/0x940
[ 62.129601] ? ip_tunnel_xmit+0x5e9/0x37c0
[ 62.133815] kmsan_report+0x238/0x240
[ 62.137597] __msan_warning_32+0x6c/0xb0
[ 62.141637] ip_tunnel_xmit+0x5e9/0x37c0
[ 62.145676] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 62.151027] ? skb_push+0x16b/0x260
[ 62.154639] ? __msan_metadata_ptr_for_store_2+0x13/0x20
[ 62.160068] ? gre_build_header+0x5ab/0xaa0
[ 62.164375] ipgre_xmit+0xdb7/0xe90
[ 62.167985] ? ipgre_close+0x230/0x230
[ 62.171851] dev_hard_start_xmit+0x5f1/0xc70
[ 62.176236] __dev_queue_xmit+0x27ee/0x3520
[ 62.180534] ? sock_alloc_send_pskb+0x13b/0x1190
[ 62.185262] ? sock_alloc_send_pskb+0xfee/0x1190
[ 62.189997] dev_queue_xmit+0x4b/0x60
[ 62.193784] ? __netdev_pick_tx+0xb60/0xb60
[ 62.198081] packet_sendmsg+0x7cc3/0x8ac0
[ 62.202206] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 62.207632] ? pagevec_lru_move_fn+0x490/0x4e0
[ 62.212189] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 62.217613] ? __walk_page_range+0x1de0/0x23d0
[ 62.222177] ? lru_cache_add_active_or_unevictable+0x497/0x5f0
[ 62.228127] ? kmsan_set_origin_inline+0x6b/0x120
[ 62.232948] ? __msan_poison_alloca+0x15c/0x1d0
[ 62.237597] ? compat_packet_setsockopt+0x360/0x360
[ 62.242589] __sys_sendto+0x6c0/0x7e0
[ 62.246371] __x64_sys_sendto+0x1a1/0x210
[ 62.250496] do_syscall_64+0x154/0x220
[ 62.254362] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 62.259528] RIP: 0033:0x441739
[ 62.262693] RSP: 002b:00007ffc236ffe78 EFLAGS: 00000216 ORIG_RAX: 000000000000002c
[ 62.270384] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441739
[ 62.277627] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[ 62.284872] RBP: 00000000006cd018 R08: 0000000020000080 R09: 000000000000001c
[ 62.292118] R10: 0000000000000000 R11: 0000000000000216 R12: 00000000004024f0
[ 62.299363] R13: 0000000000402580 R14: 0000000000000000 R15: 0000000000000000
[ 62.307104] Dumping ftrace buffer:
[ 62.310623] (ftrace buffer empty)
[ 62.314306] Kernel Offset: disabled
[ 62.317905] Rebooting in 86400 seconds..